Skip to content

soudis/mediawiki-saml

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits

i18n

i18n

 
 

includes

includes

 
 

modules

modules

 
 

README.md

README.md

 
 

SamlSingleSignOnAuth.class.php

SamlSingleSignOnAuth.class.php

 
 

SamlSingleSignOnAuth.hooks.php

SamlSingleSignOnAuth.hooks.php

 
 

SamlSingleSignOnAuth.i18n.alias.php

SamlSingleSignOnAuth.i18n.alias.php

 
 

SamlSingleSignOnAuth.php

SamlSingleSignOnAuth.php

 
 

composer.json

composer.json

 
 

extension.json

extension.json

 
 

package.json

package.json

 
 

version

version

 
 

Repository files navigation

SamlSingleSignOnAuth by miniOrange enables MediaWiki to use SAML 2.0 to SSO with SAML complaint IDP.

Required

MediaWiki 1.25+

Download the extension ZIP and extract ZIP to mediawiki host under extensions folder (e.g. mediawiki/extensions). Folder extracted should be SamlSingleSignOnAuth.

Add following configuration to LocalSettings.php and change configuration values:

miniOrange SAML Extension settings

Loads SAML extension

wfLoadExtension( 'SamlSingleSignOnAuth' );

Enter IDP Name

$wgMoSamlIdpName = 'miniOrange';

Enter SAML Issuer URL or Entity ID

$wgMoSamlIssuer = 'https://auth.miniorange.com/moas';

Enter SAML Login URL or ACS(Assertion Consumer Service) URL here

$wgMoSamlLoginURL = 'https://auth.miniorange.com/moas/idp/samlsso';

Enter SAML SLO (Single Logout) URL here

$wgMoSamlLogoutURL = 'https://auth.miniorange.com/moas/idp/samlsso';

Set binding type for login. Two possible values - HttpRedirect and HttpPost

$wgMoSamlLoginBindingType = 'HttpRedirect';

Enter certificate information. Open certificate in notepad and copy certificate

$wgMoSamlX509CertDesc = '-----BEGIN CERTIFICATE----- . . . . . . . . . . . . -----END CERTIFICATE-----';

Only set to true if SAML is brokered through miniOrange

$wgMoSamlIsBrokerOn = false;

OPTIONAL - Enter Relay State if applicable

$wgMoSamlRelayState = '';

Set true if Response is signed, set false by default

$wgMoSamlIsResponseSigned = false;

Set true if Assertion is signed, set true by default

$wgMoSamlIsAssertionSigned = true;

Set this to true if you want to update user with incoming attributes whenever user logs in

$wgMoSamlUpdateUser = true;

Auto create user if the user does not exist

$wgMoSamlCreateUser = true;

Map attributes

$wgMoSamlEmailAttr = 'email'; $wgMoSamlUsernameAttr = 'username'; $wgMoSamlFNameAttr = 'fname'; $wgMoSamlLNameAttr = 'lname'; $wgMoSamlGroupAttr = 'role';

Set default group for users

$wgMoSamlDefaultGroup = 'user';

OPTIONAL - Set this to override $wgServer as site URL in the extension. Please make sure this is

the URL where MediaWiki is hosted and '/extensions/SamlSingleSignOnAuth/' can be appended to it.

$wgMoSamlServer = 'http://<MEDIAWIKI_DOMAIN>/mediawiki';

Optional - host name - DO NOT CHANGE THIS

$wgMoSamlHostName = 'https://auth.miniorange.com';

Only required for SAML broker flow

$wgMoSamlCustomerKey = 12345;

Set this to true if you don't want your users to view website without being logged in using SAML.

Users will be redirected to the IdP if user is not logged in. Make sure logout is enabled for this.

$wgMoSamlRegisteredOnlyAccess = false;

Versions

1.1.1

  • Fix for HTML not getting loaded on login page

For any queries or issues, please drop an email at info@miniorange.com or you can submit a query at https://www.miniorange.com/contact.

About

SAML Plugin for MediaWiki based on https://www.miniorange.com/downloads/mediawiki_saml_1.1.2.zip

Resources

Readme
Activity

Stars

0 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages